基于策略的自动协商机制在分布委托授权中的应用  

Application of Automated Negotiation Based on Policy in Delegation Authorization of Distributed Environment

在线阅读下载全文

作  者:武小年[1,2] 张润莲[1] 马春波[1] 周胜源[1,2] 

机构地区:[1]桂林电子科技大学信息与通信学院,桂林541004 [2]现代通信国家重点实验室,成都610041

出  处:《计算机科学》2010年第3期102-105,共4页Computer Science

基  金:现代通信国家重点实验室基金项目(9140C1101050706);广西信息与通讯技术重点实验室基金(10908)资助

摘  要:网格系统采用委托授权有效地解决了分布状态下的授权问题,但其动态变化将打破委托授权模式下不同安全域间访问权限的全局一致性。为解决该问题,采用了一种基于策略的自动协商机制。为及时发现问题并在相关安全域间快速协商和恢复双方访问权限的全局一致性,该机制定义了一组用于引导协商过程自动进行的策略规则,并给出一个系统必须遵循的协商状态转换图,从而在事件触发器的推动下,自动实施协商过程的状态变换,实现权限协商并重新授权。测试结果表明,与人工协商相比,该自动协商机制提高了解决问题的效率,改善了系统性能,并简化了管理者的安全维护管理工作。The grid system authorizes in delegation model to adapt well to the distributed environment. But the dynamic change of the grid would break the global consistency of privileges in delegation model between different secure domains. To address the problem, this paper introduced an automated negotiation mechanism based on policies. In order to detect the problem timely and negotiate the privileges quickly and renew the global consistency of privileges between the corresponding secure domains, the mechanism defined a set of policy rules, which would conduct the negotiation process to automate, and presented a state transition diagram that the system should follows. Sequentially, driven by the trigger, the mechanism would implement automatically the negotiation state transition, and enforce the privileges negotiation and reauthorize between negotiation parties. The test result shows that, comparing with negotiation process conducted by people, the automated negotiation mechanism improves the efficiency of the solution to the problem and system performance,and simplifies security administration work of the administrators.

关 键 词:委托授权 自动协商 策略 状态转换图 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象